This article describes basic usage of eCryptfs. It guides you through the process of creating a private and secure encrypted directory within your $HOME directory to store sensitive files and private data.

In implementation eCryptfs differs from dm-crypt, which provides a block device encryption layer, while eCryptfs is an actual file-system – a stacked cryptographic file system. For comparison of the two you can refer to this table and the Disk encryption#Comparison table. One distinguished feature is that the encryption is stacked on an existing filesystem; eCryptfs can be mounted onto any single existing directory and does not require a separate partition (or size pre-allocation).

Note: The article is in the process of being re-structured. If you need to find information that might not be in its place yet again, the revision before the restructuring is here.

Basics

As mentioned in the summary eCryptfs does not require special on-disk storage allocation effort, such as a separate partition or pre-allocated space. Instead, you can mount eCryptfs on top of any single directory to protect it. That includes, for example, a user's entire $HOME directory or single dedicated directories within it. All cryptographic metadata is stored in the headers of files, so encrypted data can be easily moved, stored for backup and recovered. There are other advantages, but there are also drawbacks, for instance eCryptfs is not suitable for encrypting complete partitions which also means you cannot protect swap space with it (but you can, of course, combine it with Dm-crypt/Swap_encryption). If you are just starting to set up disk encryption, swap encryption and other points to consider are covered in Disk encryption#Preparation.

To familiarize with eCryptfs a few points:

As a stacked filesystem, a mounting of an eCryptfs directory refers to mounting a (stacked) encrypted directory to another unencrypted mount point (directory) at Linux kernel runtime.

It is possible to share an encrypted directory between users. However, the encryption is linked to one passphrase so this must be shared as well. It is also possible to share a directory with differently encrypted files (different passphrases).

A number of eCryptfs acronyms are used throughout the documentation:

The encrypted directory is referred to as the lower and the unencrypted as the upper directory throughout the eCryptfs documentation and this article. While not relevant for this article, the "overlay" filesystem introduced with Linux 3.18 uses (and explains) the same upper/lower nomenclatura for the stacking of filesystems.

the mount passphrase (or key) is what gives access to the encrypted files, i.e. unlocks the encryption. eCryptfs uses the term wrapped passphrase to refer to the cryptographically secured mount passphrase.

a FNEK refers to a File Name Encryption Key, a key to (optionally) encrypt the filenames stored in the encrypted directory.

Before using eCryptfs, the following disadvantages should be checked for applicability.

Deficiencies

Hard-coded variables

The best usability of eCryptfs is achieved by relying on the so-called "Ubuntu tools" of the ecryptfs-utils package. A considerable downside is that a lot of variables (encryption options, lower directory path) are hard-coded into the tools. Changing them infers considerable manual configuration to achieve similar integration.

Network storage mounts

eCryptfs has long-standing bugs and/or feature requests relating to networked storage. Replicating a content backup of an encrypted directory to a network backup storage is always possible. However, if you want to employ ecryptfs to store the encrypted directory directly on a network storage and mount it locally, you should search for working solutions of the respective network tools (NFS, Samba, etc.) first. If in doubt, Encfs may be a better choice for such application.

Sparse files

eCryptfs does not handle sparse files. This is sometimes referred to as a bug, but likewise is a consequence of the design as a stacked filesystem encryption. For example, in an eCryptfs directory a truncate -s 1G file.img creates 1GB encrypted data and passes it to the underlying filesystem to store; with the corresponding resource (disk space, data throughput) requirements. Unencrypted, the same file can be allocated efficiently as sparse file space by the filesystem; with a block device encryption only the respective filesystem output would be encrypted.

This should be considered before encrypting large portions of the directory structure. For most intents and purposes this deficiency does not pose a problem. One workaround is to place sparse files in an unencrypted .Public directory (as opposed to the standard eCryptfs .Private directory, explained below). Another method is to use a dm-cryptcontainer in .Public for such.

Setup example overview

The following #Setup & mounting section describes alternatives using eCryptfs to encrypt a data directory. The alternatives start with #Using the Ubuntu tools, which make eCryptfs usage particularly easy and also safe against user errors. This also applies to #Encrypting a home directory with the tools. During setup, instructions are given on the console by the scripts. The #Using_ecryptfs-simple section then introduces an alternative package to aide using eCryptfs. The #Manual setup section then describes the setup using the ecryptfs filesystem directly. The first subsection (#With ecryptfs-utils) still uses one more script and is suggested to read to familiarize with the setup of the manual options before using them #Without ecryptfs-utils.

The alternatives include

the setup step for the encrypted directory structures

the setup to mount, unmount the directory at runtime manually and/or automatically at user login

Each of the described alternative examples can be removed after setup very easily, so do not refrain from testing which suits your needs best.

Setup & mounting

eCryptfs is a part of Linux since version 2.6.19. But to work with it you will need the userspace tools provided by the package ecryptfs-utils available in the Official repositories.

Once you have installed that package you can load the ecryptfs module and continue with the setup:

# modprobe ecryptfs

Before starting, check the eCryptfs documentation. It is distributed with a very good and complete set of manual pages.

Tip: If you use linux-grsec, auto-loading of cryptographic modules may fail when executing the ecryptfs-mount-private wrapper (as of November 2014). As a work-around, load the mentioned module manually; for example modprobe md5 as root and configure the system to load it at next boot.

Using the Ubuntu tools

Most of the user-friendly convenience tools installed by the ecryptfs-utils package assume a very specific eCryptfs setup, namely the one that is officially used by Ubuntu (where it can be selected as an option during distro installation). Unfortunately, these choices are not just default options but are actually hard-coded in the tools. If this set-up does not suit your needs, then you can not use the convenience tools and will have to follow the steps at #Manual_setup instead.

The set-up used by these tools is as follows:

each user can have only one encrypted directory that is managed by these tools:

either full $HOME directory encryption, or

a single encrypted data directory (by default ~/Private/, but this can be customized).

the lower directory for each user is always ~/.Private/(in the case of full home dir encryption, this will be a symlink to the actual location at /home/.ecryptfs/$USER/.Private/)

the encryption options used are:

cipher: AES

key length: 16 bytes (128 bits)

key management scheme: passphrase

plaintext passthrough: enabled

the configuration / control info for the encrypted directory is stored in a bunch of files at ~/.ecryptfs/:(in the case of full home dir encryption, this will be a symlink to the actual location at /home/.ecryptfs/$USER/.ecryptfs/)

Private.mnt[plain text file] - contains the path where the upper directory should be mounted (e.g. /home/lucy or /home/lucy/Private)

Private.sig[plain text file] - contains the signature used to identify the mount passphrase in the kernel keyring

Encrypting a data directory

Before the data directory encryption is setup, decide whether it should later be mounted manually or automatically with the user log-in.

To encrypt a single data directory as a user and mount it manually later, run:

$ ecryptfs-setup-private --nopwcheck --noautomount

and follow the instructions. The option --nopwcheck enables you to choose a passphrase different to the user login passphrase and the option --noautomount is self-explanatory. So, if you want to setup the encrypted directory automatically on log-in later, just leave out both options right away.

The script will automatically create the ~/.Private/ and ~/.ecryptfs/ directory structures as described in the box above. It will also ask for two passphrases:

login passphrase

This is the password you will have to enter each time you want to mount the encrypted directory. If you want auto-mounting on login to work, it has to be the same password you use to login to your user account.

mount passphrase

This is used to derive the actual file encryption master key. Thus, you should not enter a custom one unless you know what you are doing - instead press Enter to let it auto-generate a secure random one. It will be encrypted using the login passphrase and stored in this encrypted form in ~/.ecryptfs/wrapped-passphrase. Later it will automatically be decrypted ("unwrapped") again in RAM when needed, so you never have to enter it manually. Make sure this file does not get lost, otherwise you can never access your encrypted folder again! You may want to run ecryptfs-unwrap-passphrase to see the mount passphrase in unencrypted form, write it down on a piece of paper, and keep it in a safe (or similar), so you can use it to recover your encrypted data in case the wrapped-passphrase file is accidentally lost/corrupted or in case you forget the login passphrase.

The mount point ("upper directory") for the encrypted folder will be at ~/Private by default, however you can manually change this right after the setup command has finished running, by doing:

To actually use your encrypted folder, you will have to mount it - see #Mounting below.

Encrypting a home directory

The following wrapper script will set up an encrypted $HOME directory for a user and take care of migrating any existing files they have in their not yet encrypted home directory. Ensure that the user in question owns no processes and is logged out. You also need to ensure that you have rsync and lsof installed. Once the prerequisites have been met, run:

# ecryptfs-migrate-home -u username

and follow the instructions. After the wrapper script is complete, follow the instructions for auto-mounting - see #Auto-mounting below. It is imperative that the user logs in before the next reboot, to complete the process.

Mounting

Manually

Executing the wrapper

$ ecryptfs-mount-private

and entering the passphrase is all needed to mount the encrypted directory to the above described upper directory~/Private.

Likewise, executing

$ ecryptfs-umount-private

will unmount it again.

Tip: If it is not required to access the private data permanently during a user session, maybe define an alias to speed the manual step up.

The tools include another script that can be very handy to access an encrypted .Private data or home directory. Executing ecryptfs-recover-private as root will search the system (or an optional specific path) for the directory, interactively query the passphrase for it and mount the directory. It can, for example, be used from a live-CD or different system to access the encrypted data in case of a recovery. Note that if booting from an Arch Linux ISO you must first install the ecryptfs-utils to it. Further, it will only be able to mount .Private directories created with the Ubuntu tools.

Auto-mounting

The default way to auto-mount an encrypted directory is via PAM. See man pam_ecryptfs and - for more details - 'PAM MODULE' in:

/usr/share/doc/ecryptfs-utils/README

For auto-mounting it is required that the passphrase to access the encrypted directory is synchronised with the user log-in.

The following steps set it up:

1. Check if ~/.ecryptfs/auto-mount, ~/.ecryptfs/auto-umount and ~/.ecryptfs/wrapped-passphrase exist (these are automatically created by ecryptfs-setup-private).

2. Add ecryptfs to the pam-stack exactly as following to allow transparent unwrapping of the passphrase on login:

Open /etc/pam.d/system-auth and after the line containing auth required pam_unix.so add:

auth required pam_ecryptfs.so unwrap

Next, above the line containing password required pam_unix.so insert:

password optional pam_ecryptfs.so

And finally, after the line session required pam_unix.so add:

session optional pam_ecryptfs.so

3. Re-login and check output of mount which should now contain a mountpoint, e.g.:

/home/$USER/.Private on /home/$USER/Private type ecryptfs (...)

for the user's encrypted directory. It should be perfectly readable at ~$HOME/Private/.

The latter should be automatically unmounted and made unavailable when the user logs off.

Warning: Unfortunately the automatic unmounting is susceptible to break with systemd and bugs are filed against it.[1][2][3][4]
If you experience this problem, you can test it by commenting out -session optional pam_systemd.so in /etc/pam.d/system-login. However, this is no solution because commenting out will break other systemd functionalities.

Using ecryptfs-simple

Use ecryptfs-simple if you just want to use eCryptfs to mount arbitrary directories the way you can with EncFS. ecryptfs-simple does not require root privileges or entries in /etc/fstab, nor is it limited to hard-coded directories such as ~/.Private. The package is available to be installed as ecryptfs-simpleAUR and from Xyne's repos.

As the name implies, usage is simple:

# simple mounting
ecryptfs-simple /path/to/foo /path/to/bar

# automatic mounting: prompts for options on the first mount of a directory then reloads them next time
ecryptfs-simple -a /path/to/foo /path/to/bar

# unmounting by source directory
ecryptfs-simple -u /path/to/foo

# unmounting by mountpoint
ecryptfs-simple -u /path/to/bar

Manual setup

The following details instructions to set up eCryptfs encrypted directories manually. The first section still relies on one extra script from the ecryptfs-utils package. It may be an easier start and can be tried without any root rights. The second then sets up an encrypted directory with other encryption options than the default tools.

Tip: The following examples use an encrypted directory (.secret) different to the default, hard-coded .Private in the Ubuntu tools. This is on purpose to avoid problems of erroneous #Auto-mounting when the system has PAM setup for it, as well as problems with other tools using the hard-coded defaults.

With ecryptfs-utils

Alternatively to using the scripts ecryptfs-setup-private and ecryptfs-mount-private to setup and mount eCryptfs, the same can be done directly with the binaries (which those scripts use) ecryptfs-add-passphrase and mount.ecryptfs_private from the ecryptfs-utils package. Those binaries require no root privileges to work by default.

First choose an ALIAS as you like. Through this section, ALIAS will be secret. Create the required directories/files:

The ~/.secret directory will hold the encrypted data. The ~/secret directory is the mount point where ~/.secret will be mounted as an ecryptfs filesystem.

In the next command, replace USER with the name of the current user's home directory. Note that you should write full paths to ~/.ecryptfs/secret.conf. Its format looks like the one in /etc/fstab without the mount options:

Except for ecryptfs_sig and ecryptfs_fnek_sig, the options are hard-coded. ecryptfs_fnek_sig will exist only if you choose filename encryption.

To unmount ~/.secret:

$ umount.ecryptfs_private secret

Without ecryptfs-utils

The ecryptfs-utils package is distributed with a few helper scripts which will help you with key management and similar tasks. If one wants, for example, make a choice about the encryption cipher, some of those scripts cannot be used. In this section we setup an encrypted data directory diverting from those defaults.

First create your private directories, in this example we will call them analogous to the previous section: secret

Second we create the mount-passphrase ("file encryption key, encryption key", or fekek) for the directory. It has to be very secure and cannot be changed easily. The ecryptfs-setup-private script offers the option to generate it from /dev/urandom. In the following we do a generation similar to the source and then use ecryptfs-wrap-passphrase to wrap it with an extra password ("Arch"):

The advantages of the above step are: the mount passphrase is generated from a random source and secured by extra hashing before it is stored on disk. Further, the wrap-passphrase can be changed later.

Now we continue to setup the encryption options for the directory and prepare an user-mountable entry for /etc/fstab. If you already know the eCryptfs options to use in it, you can skip the following mount and create an entry with the above signature already.

The mount.ecryptfs command needs root and does not allow for piping the passphrase unfortunately. The mount helper will ask questions about the options we want to choose ("Key type": passphrase - choose any, we only do this to generate the options to use), but let it mount:

Before continuing, we can already un-mount the temporary mount we used to generate the options:

# umount /home/username/secret

Now the mount line has to be edited into the correct format, the mount options nosuid,nodev,noexec,relatime before the first ecryptfs option are default and can be left out. But what we need to add is the correct signatures for the passphrases to replace the ones of the current mount:

# cat /home/username/.ecryptfs/secret.sig
7c5d3dd8a1b49db0

We also need to add the options user and noauto. After the edit, the entry will look similar to (bold entries added):

The article suggests adding these to /etc/pam.d/login, but the changes will need to be added to all other places you login, such as /etc/pam.d/kde.

Usage

This article or section needs expansion.

Reason: Content that still needs to be covered:

- point to the above "Setup & Mounting" section for how to mount and unmount [this section here will cover all other (i.e. setup-independent) usage info]
- reference ecryptfs tools not used/mentioned in the prior sections (e.g. with a short link to the online manpages and mention of the other tools usage, as it seems useful (not covered yet are, e.g. ecryptfs-stat, ecryptfs-find, ecryptfs-rewrite-file.)
- mention the options to share an encrypted folder between users and to place non-encrypted files or folders in the encrypted container ("pass-through")

Symlinking into the encrypted directory

Besides using your private directory as storage for sensitive files, and private data, you can also use it to protect application data. Firefox for example has an internal password manager, but the browsing history and cache can also be sensitive. Protecting it is easy:

Removal of encryption

There are no special steps involved, if you want to remove your private directory. Make sure it is un-mounted and delete the respective lower directory (e.g. ~/.Private), along with all the encrypted files. After also removing the related encryption signatures and configuration in ~/.ecryptfs, all is gone.

If you were #Using the Ubuntu tools to setup a single directory encryption, you can directly follow the steps detailed by:

$ ecryptfs-setup-private --undo

and follow the instructions.

Backup

If you want to move a file out of the private directory just move it to the new destination while ~/Private is mounted.

With eCryptfs the cryptographic metadata is stored in the header of the files. Setup variants explained in this article separate the directory with encrypted data from the mount point. The unencrypted mount point is fully transparent and available for a backup. Obviously this has to be considered for automated backups, if one has to avoid leaking sensitive unencrypted data into a backup.

You can do backups, or incremental backups, of the encrypted (e.g. ~/.Private) directory, treating it like any other directory.

Further points to note:

If you used the Ubuntu tools for #Encrypting a home directory, be aware the location of the lower directory with the encrypted files is outside the regular user's $HOME at /home/.ecryptfs/$USER/.Private.

It should be ensured to include the eCryptfs setup files (located in ~/.ecryptfs usually) into the regular or a separate backup.

If you use special filesystem mount options, for example ecryptfs_xattr, do extra checks on restore integrity.